Publication:
Policy-based SQLIA detection and prevention approach for RFID systems

Simple item page
dc.contributor.authorAbawajy, J
dc.contributor.authorFernando, H. S
dc.date.accessioned2022-05-16T07:30:33Z
dc.date.available2022-05-16T07:30:33Z
dc.date.issued2015-02-01
dc.description.abstractWhile SQL injection attacks have been plaguing web application systems for years, the possibility of them affecting RFID systems was only identified very recently. However, very little work exists to mitigate this serious security threat to RFID-enabled enterprise systems. In this paper, we propose a policy-based SQLIA detection and prevention method for RFID systems. The proposed technique creates data validation and sanitization policies during content analysis and enforces those policies during runtime monitoring. We tested all possible types of dynamic queries that may be generated in RFID systems with all possible types of attacks that can be mounted on those systems. We present an analysis and evaluation of the proposed approach to demonstrate the effectiveness of the proposed approach in mitigating SQLIA.en_US
dc.identifier.doi10.1016/j.csi.2014.08.005en_US
dc.identifier.urihttps://rda.sliit.lk/handle/123456789/2304
dc.language.isoenen_US
dc.publisherNorth-Hollanden_US
dc.relation.ispartofseriesComputer Standards & Interfaces;Vol 38 Pages 64-71
dc.subjectRFIDen_US
dc.subjectSQLIAen_US
dc.subjectData validationen_US
dc.subjectData sanitizationen_US
dc.subjectPolicyen_US
dc.titlePolicy-based SQLIA detection and prevention approach for RFID systemsen_US
dc.typeArticleen_US
dspace.entity.typePublication

Files

Original bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
1-s2.0-S092054891400083X-main.pdf
Size:
1.23 MB
Format:
Adobe Portable Document Format
Description:
Download

License bundle

Now showing 1 - 1 of 1
No Thumbnail Available
Name:
license.txt
Size:
1.71 KB
Format:
Item-specific license agreed upon to submission
Description:
Download

Collections

Research Papers - Dept of Computer Systems Engineering